Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.10 views

CVE-2022-0628

The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.5AI score0.00853EPSS
Exploits2References1
OSV
OSV
added 2022/03/21 7:15 p.m.2 views

CVE-2022-0628

The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.4AI score0.00853EPSS
Exploits2References2
NVD
NVD
added 2022/03/21 7:15 p.m.20 views

CVE-2022-0628

The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.1CVSS0.00853EPSS
Exploits2References2
Cvelist
Cvelist
added 2022/03/21 6:55 p.m.23 views

CVE-2022-0628 AP Mega Menu < 3.0.8 - Reflected Cross-Site Scripting

The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...

6.4AI score0.00853EPSS
Exploits2References2
CVE
CVE
added 2022/03/21 6:55 p.m.86 views

CVE-2022-0628

CVE-2022-0628 affects the WordPress plugin Mega Menu prior to version 3.0.8. The vulnerability stems from not sanitizing/escaping the _wpnonce parameter before echoing it on an admin page, enabling Reflected Cross-Site Scripting. Impact is a user/admin-page XSS exposure as described across NVD/Re...

6.1CVSS6.2AI score0.00853EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder